Application No. 09/467,465 
Amendment "A" dated August 30, 2004 
Reply to Office Action mailed March 30, 2004 

REMARKS 

Claims 1-48 are currently pending in the application. By the foregoing amendments, 
Applicants amended Claims 35-38 and 45 and added Claims 46-48 to further clarify and/or 
define the claimed invention. 

New Attorney Docket Number 

To help with docketing incoming correspondence for the present application, Applicant 
respectfully requests that the Examiner identify the present application using a new Attorney 
Docket Number (15964.5.1). 

Amendments to the Specification 

Applicant thanks the Examiner for finding the typographical error in the specification. 
As the Examiner correctly noted in the Office Action, the United States Provisional Patent 
Application entitled "Secure Access Session without Modifying Existing Firewall" and filed 
December 20, 2000 has a serial number of 60/257,481 ~ not 60/257,480. The amendment above 
corrects this typographical error. In addition, the Applicant has enclosed a Request for Corrected 
Filing Receipt. 

Obiections to the Claims 

In the Office Action, the Examiner stated that the line numbering of the claims in the 
present application as filed did not correspond to the preferred format. Applicant has included 
above lisfing of claims, which Applicant believes is properly formatted. If the above lisfing is 
not satisfactory. Applicant respectfully requests that the Examiner so advise. 
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Objections to Drawings 

In the Office Action, the Examiner requested that the Apphcant amend Figure 1 to add a 
"Prior Art" legend, which the Apphcant has done via the amendment above. 

Rejection of Claims 35-38 and 45 under 35 U.S.C. S 112 

In the Office Action, the Examiner rejected Claims 35-38 as being indefinite under 35 
U.S.C. § 112, second paragraph. As the Examiner correctly assumed for purposes of the Office 
Action, Applicant intended Claim 35 to depend from Claim 34 and intended Claims 36-38 to 
depend from Claim 35. Applicant has amended Claims 35-38 to correct this clerical error. 

In the Office Action, the Examiner rejected Claim 45 for lacking antecedent basis. 
Applicant has amended Claim 45 and respectfully requests that the Examiner withdrav/ the 
rejection of Claim 45. 

Benefits of Certain Embodiments . 

In the Office Action, the Examiner stated that the Applicant has failed to disclose the 
problem-solving aspects of, the advantages of, and the purpose for some claimed. .features. 
Although the Applicant respectfiilly submits that the Applicant has claimed and described - and 
need only claim and describe - a useful, novel, and non-obvious invention, the Applicant 
accepts the Examiner's implicit invitation to discuss the benefits of some aspects of certain 
embodiments of the invention. The Applicant respectfully requests that the Examiner consider 
the following discussion, which illustrates how certain embodiments may provide a variety of 
options for reducing costs and/or for reducing the risk of authorized access. 

Certain prior art systems required businesses to accept greater risks of unauthorized 
access to their networks. For example, as shown in Figure 1, the prior art included a business 
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network 12 that included a firewall 20 and that received two VPN tunnels 14 and 24 initiated by 
VPN nodes 18 and 26 respectively: 



FIG. 1 
(PRIOR ART) 


Thus, to receive either of these VPN tunnels, a port or hole must be opened in the business 
firewall 20 so that data can be transmitted from the business network 12 to the remote VPN 
nodes 18 and 26. (See Application at p. 4, 11. 1-3) Unfortunately, opening additional ports or 
holes in the business firewall 20 creates additional openings for hackers to exploit. (See 
Application at p. 5, 11. 12-14) Such systems "weaken firewalls and provide users, authorized or 
not, with too much control over network data." (See AppHcation at p. 5, 11. 14-19) 

The Examiner has cited United States Patent No. 6,563,800 to Salo et al. ("Salo"). Salo 
discloses two embodiments, both of which contemplate an "enterprise network 403" using a 
firewall 520 or a firewall 525: 
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FIG. SB 

Unfortunately, for any communication to occur, additional ports or holes a port must be opened 
in the firewalls 520 and 525, like the firewall 20 in Figure 1. 

Accordingly, businesses needed a system that could provide authorized access to data 
stored behind a firewall, but that could lessen the risk of unauthorized access, if desired. Some 
embodiments of the invention may be configured to lessen this risk, hi one embodiment, a 
tunnel 42 (Figure 3) may be established without opening additional ports in a business firewall, 
when desired. With fewer open ports, hackers would have fewer options to gain unauthorized 
access to the data behind the business firewall. Further, with fewer open ports, less 
customization and effort would be required to install, maintain, and monitor those ports which 
could save a substantial amount of money. 
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For example, in one embodiment, a spontaneous virtual private network module 52 of an 
enterprise network 40 may initiate the tunnel 42 by transmitting a data request 50, which the data 
center 44 may receive: 



FIG. 3 


In response to receiving the data request 50, the data center 44 may transmit reply data 53 in an 
ongoing manner to keep the tunnel 42 open. Accordingly, with the tunnel 42 open, the data 
center 44 may transmit access requests (such as, an access request 70 received from a user 10) 
via the tunnel 42. (See, e.g.. Application at p. 22, 11. 18-20) 

hi one embodiment, the spontaneous virtual private network module 52 may optionally 
be configured to send the data request 50 via a previously opened firewall port designed to 
transmit requests and receive responses thereto. For example, the spontaneous virtual private 
network module 52 could send the data request 50 via the ports 80 and 443 - which may already 
be opened to send requests (such as, requests from Internet browsers) and to receive responses 
thereto. (See Application at p. 17, 1. 20 - p. 18, 1. 16) Thus, if desired, the data request 50 could 
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optionally be sent - and the tunnel 42 could optionally be established without opening any 
additional ports or holes that hackers could exploit. (See Application at p. 18, 11. 17-24) 

Also, the spontaneous virtual private network module 52 may optionally be configured to 
send the data request 50 via a proxy server 82 that may already be configured to send requests 
(such as, requests fi"om hitemet browsers) and to receive and verify responses thereto. (See 
Application at p. 18, 11. 8-16) Accordingly, if desired, the proxy server 82 may advantageously 
help provide additional security for communication via the tunnel 42. (See Application at p. 18, 
11. 22-24) 

Thus, as discussed above, sending an outgoing data request (such as, the data request 50) 
may advantageously be used to help establish a data tunnel through which incoming data 
requests could be received. Also, when desired, sending an outgoing data request may 
advantageously be used to help establish a data tunnel without opening additional ports ~ 
helping to reduce the risk of unauthorized access. Further, when desired, sending an outgoing 
data request may advantageously be used to help establish a data tunnel that could leverage the 
security functionality of a proxy server or the like. 

Applicant respectfully submits that these embodiments and other embodiments of the 
invention may be used to implement a variety of options for reducing the risk of authorized 
access and/or reducing the costs associated with certain prior art systems. (See Application at p. 
18, 11. 17-24) These embodiments are not only novel, useful, and non-obvious, but also may 
provide significant advantages. 


Rejections under 35 U.S,C. S 103 
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The Prior Art Must Teach or Suggest Every Word of Every Limitation 

MPEP § 2143.03 states: "To establish prima facie obviousness of a claimed invention, all 
the claim limitations must be taught or suggested by the prior art." (See MPEP § 2143.03 at 
2100-128 (8'^ ed. rev. 1 2003) (emphasis added),) MPEP § 2143.03 adds: " All words in a claim 
must be considered in judging the patentability of that claim against the prior art." (See id 
(emphasis added).) 

The Mere Fact That a Reference Can Be Modified Does Not Provide the Required Motivation 

A combination or modification is not proper without a suggestion or motivation "to 
modify the reference or combine reference teachings." {See MPEP § 2143 at 2100-124 to 2100- 
125 (8'*" ed. rev. 1 2003).) 

The MPEP states: " The mere fact that references can be combined or modified does not 
render the resultant combination obviousness unless the prior art also suggests the desirability of 
the combination." (See id § 2143.01 at 2100-126 (emphasis added).) Indeed, "[a]lthough a 
prior art device 'may be capable of being modified to run the way the apparatus is claimed, there 
must be a suggestion or motivation in the reference to do so .'" {See id. § 2143.01 at 2100-126 
(emphasis added).) 

The following discussion illustrates that the prior art applied in the Office Action does 
not teach every element of the claims. In many cases, the Office Action fails to provide art that 
teaches the omitted elements. Further, the cited art fails to suggest or the claim limitations. As 
a result, the claims are not obvious in view of the cited art and are believed to be in condition for 
allowance for at least this reason. 
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Rejection of Claims 1-12 under 35 U.S.C S 103(a) 

In the Office Action, the Examiner rejected Claims 1, 2, 9 and 10 as being obvious under 
35 U.S.C. § 103(a) over Salo. The Examiner also rejected Claims 3-7 as being obvious under 35 
U.S.C. § 103(a) over Salo in view of United States Patent No. 6,292,905 to Wallach et al 
("Wallach"). The Examiner also rejected Claims 8, 1 1, and 12 as being obvious under 35 U.S.C. 
§ 103(a) over Salo in view of Wallach in further view of United States Patent No. 6,138,049 to 
McLaughlin ("McLaughlin"). 

Applicant respectfully submits that Claims 1-12 are nonobvious because the cited 
references do not teach or suggest any of the Claims 1-12 as a whole, including each of their 
respective limitations. 

Claims 1-12 Are Allowable Over the Cited References 

Applicant respectfully submits that independent Claim 1 is allowable over Salo. Salo 

does not teach or suggest "receiving a data request fi*om the remote enterprise network" and "in 

response to the data request, transmitting ongoing reply data to the remote enterprise network, 

such that a data tunnel is established between the data center and the remote enterprise network, 

the data tunnel operating as a virtual private network," in combination with the other recited 

elements as presently claimed in independent Claim 1. Indeed, in the Office Action, the 

Examiner admits that "Salo does not teach the aforementioned step in response to the data 

request from the remote enterprise network." (See Office Action at p. 4) This makes sense that 

the Salo data center would not do anything "in response" to a request because Salo merely 

teaches a data center that only transmits (not responds to) requests: 

Further, as may be appreciated from the foregoing description, the data center 
interacts with the enterprise network by transmitting requests to the enterprise 
network and receiving responses therefrom. 
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(See Salo, Col. 18, 11. 42-45 (emphasis added).) 

While admitting Salo does not teach each limitation of Claim 1, the Examiner asserts that 
one skilled in the art "would have expected Applicant's claimed invention to perform equally 
well with having the data center initiating the connection to the enterprise network." Assuming 
for the sake of argument that one skilled in the art would have expected the Examiner's proposed 
modification to Salo would succeed, the MPEP teaches that modifications — even modifications 
well within the ordinary skill of the art ~ are not obvious without the required suggestion or 
motivation. {See MPEP § 2143.01 at 2100-126 (8th ed. rev. 1 2003).) In fact, even assuming for 
the sake of argument that a person of the highest skill could make the proposed modification 
(that is, the modification could be made), " there must be a suggestion or motivation in the 
reference to do so ." {See id, (emphasis added).) Salo contains no such suggestion or motivation. 
Accordingly, Claim 1, as a whole, is nonobvious. 

Because Claim 1 is nonobvious, its dependent claims are nonobvious. The MPEP § 
2143.03 states: "If an independent claim is nonobvious under 35 U.S.C. 103, then any claim 
depending therefi-om is nonobvious." {See MPEP § 2143.03 at 2100-128 (8th ed. rev. 1 2003).) 
Accordingly, because dependent Claims 2-12 depend fi-om independent Claim 1, Claims 2-12 are 
nonobvious for at least the same reasons as independent Claim 1 is nonobvious. 

Rejection of Claims 39-45 under 35 U.S.C, S 103(a) 

In the Office Action, the Examiner rejected Claims 39-45 as being obvious under 35 
U.S.C. § 103(a) over Salo in view of United States Patent No. 6,032,227 to Shaheen et al. 
("Shaheen"). 
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Applicant respectfully submits that Claims 39-45 are nonobvious because the cited 
references do not teach or suggest any of the Claims 39-45 as a whole, including each of their 
respective limitations. 

Applicant respectfully submits that independent Claim 39 is allowable over Salo. Salo 

does not teach or suggest Claim 39, which reads: 

In a data center capable of communicating with a remote enterprise 
network, a method for enabling a user to access network data of the remote 
enterprise network through a data tunnel between the data center and the remote - 
enterprise network that operates as a virtual private network, the method 
comprising the acts of: 

receiving network data from the remote enterprise network through a 
temporary data tunnel that is established between the data center and the remote 
enterprise network, the temporary data tuiHiel operating as a virtual private 
network; 

caching a copy of the network data in a database of the data center; 

receiving an access request to access network data of the remote enterprise 
network from the user; 

retrieving the network data from the database in response to the access 
request; and 

transmitting the network data to the user. 

Essentially, the data center in Salo acts a server of individual active server pages (or ASPs) that 

may generate HTML documents and the like for display on a requesting input device. {See Salo, 

Col. 5, 11. 58-60; Col. 7, 11. 17-25.) In the Office Action, the Examiner stated: "It would have 

been obvious [to] one of ordinary skill in the art at the time the invention was made to modify 

Salo's data center with the ability to cache network data because mobile and wireless devices 

have limited storage capacity and would be able to store information in a central repository." 

(See Office Action at 22.) To the contrary, ASPs are designed to dynamically access data and 

format the data in a HTML document that an accessing device could readily receive and display. 
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{See Salo, Col. 10, 11. 21-25, 41-47) Accordingly, there would be no need or motivation to cache 
any data in the Salo system. Not surprisingly, Salo contains no suggestion or motivation to 
modify Salo in a manner that would teach each element of Claim 39. Accordingly, Claim 39, as 
a whole, is nonobvious. Further, because dependent Claims 40-45 depend from independent 
Claim 39, Claims 40-45 are nonobvious for at least the same reasons as independent Claim 39 is 
nonobvious. 

Rejection of Claims 13-22 under 35 U.S.C. S 103(a) 

hi the Office Action, the Examiner rejected Claims 13-16 and 21-22 as being obvious 
under 35 U.S.C. § 103(a) over Salo. The Examiner also rejected Claims 17 and 18 as being 
obvious under 35 U.S.C. § 103(a) over Salo in view of United States Patent No. 6,081,900 to 
Subramaniam et al. ("Subramaniam"). The Examiner also rejected Claim 19 as being obvious 
under 35 U.S.C. § 103(a) over Salo in view of United States Patent No. 6,295,551 to Roberts et 
al. ("Roberts"). The Examiner also rejected Claim 20 as being obvious under 35 U.S.C. § 103(a) 
over Salo in view of United States Patent No. 6,631,416 to Bendinelli et al. ("Bendinelli"). 

Applicant respectfully submits that Claims 13-22 are nonobvious because the cited 
references do not teach or suggest any of the Claims 13-22 as a whole, including each of their 
respective limitations. 

Applicant respectfully submits that independent Claim 13 is allowable over Salo. As 
previously discussed, Salo does not teach or suggest "transmitting a data request to the remote 
data center" and "receiving ongoing reply data from the remote data center in response to the 
data request, such that a data tunnel is established between the remote data center and the 
enterprise network, the data tunnel operating as a virtual private network" in combination with 
the other recited elements as presently claimed in independent Claim 13. Also, Salo contains no 
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suggestion or motivation to modify Salo in a manner that would teach each element of Claim 13. 
Accordingly, Claim 13, as a whole, is nonobvious. Further, because dependent Claims 14-22 
depend from independent Claim 13, Claims 14-22 are nonobvious for at least the same reasons 
as independent Claim 13 is nonobvious. 

Rejection of Claims 23-27 under 35 U.S.C. S 103fa) 

In the Office Action, the Examiner rejected Claims 23 and 26-27 as being obvious under 
35 U.S.C. § 103(a) over Salo. The Examiner also rejected Claim 24 as being obvious under 35 
U.S.C. § 103(a) over Salo in view of Bendinelli. The Examiner also rejected Claim 25 as being 
obvious under 35 U.S.C. § 103(a) over Salo in view Subramaniam. 

Applicant respectfully submits that Claims 23-27 are nonobvious because the cited 
references do not teach or suggest any of the Claims 23-27 as a whole, including each of their 
respective limitations. 

Applicant respectfully submits that independent Claim 23 is allowable over Salo. Salo 
does not teach or suggest "receiving, from the remote enterprise network, a uniform resource 
identifier associated with a resource of a server of the data center" and "in response to receiving 
the uniform resource identifier, invoking the resource to generate ongoing reply data and 
transmitting the ongoing reply data to the remote enterprise network, such that a data tunnel is 
established between the data center and the remote enterprise network in response to an action of 
the remote enterprise network, the data tunnel operating as a virtual private network;" in 
combination with the other recited elements as presently claimed in independent Claim 23. Also, 
Salo contains no suggestion or motivation to modify Salo in a manner that would teach each 
element of Claim 23. Accordingly, Claim 23, as a whole, is nonobvious. Further, because 
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dependent Claims 24-27 depend from independent Claim 23, Claims 24-27 are nonobvious for at 
least the same reasons as independent Claim 23 is nonobvious. 

Rejection of Claims 28-33 under 35 U.S.C> S 103(a) 

In the Office Action, the Examiner rejected Claims 28-33 as being obvious under 35 
U.S.C.§ 103(a) over Salo. 

Applicant respectfully submits that Claims 28-33 are nonobvious because the cited 
references do not teach or suggest any of the Claims 28-33 as a whole, including each of their 
respective limitations. 

Applicant respectfully submits that independent Claim 28 is allowable over Salo. Salo 
does not teach or suggest "program code means for receiving a data request from the remote 
enterprise network" and "program code means for transmitting, in response to the data request, 
ongoing reply data to the remote enterprise network, such that a data tunnel is established 
between the data center and the remote enterprise network, the data tunnel operating as a virtual 
private network" in combination with the other recited elements as presently claimed in 
independent Claim 28. Also, Salo contains no suggestion or motivation to modify Salo in a 
manner that would teach each element of Claim 28. Accordingly, Claim 28, as a whole, is 
nonobvious. Further, because dependent Claims 29-33 depend from independent Claim 28, 
Claims 29-33 are nonobvious for at least the same reasons as independent Claim 28 is 
nonobvious. 

Rejection of Claims 34-38 under 35 U>S.C. S lQ3fa) 

In the Office Action, the Examiner rejected Claims 34, 35, 37, and 38 as being obvious 
under 35 U.S.C. § 103(a) over Salo. The Examiner also rejected Claim 36 as being obvious 
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under 35 U.S.C. § 103(a) over Salo in view of United States Patent No. 6,529,500 to 
Pandharipande ("Pandharipande")- 

Applicant respectfully submits that Claims 34-38 are nonobvious because the cited 
references do not teach or suggest any of the Claims 34-38 as a whole, including each of their 
respective limitations. 

Applicant respectfully submits that independent Claim 34 is allowable over Salo. Salo 
does not teach or suggest "transmitting a data request to the remote data center" and "receiving 
ongoing reply data from the remote data center in response to the data request, such that a data 
tunnel is established between the remote data center and the enterprise network, the data tunnel 
operating as a virtual private network" in combination with the other recited elements as 
presently claimed in independent Claim 34. Also, Salo contains no suggestion or motivation to 
modify Salo in a manner that would teach each element of Claim 34. Accordingly, Claim 34, as 
a whole, is nonobvious. Further, because dependent Claims 35-38 depend from independent 
Claim 34, Claims 35-38 are nonobvious for at least the same reasons as independent Claim 34 is 
nonobvious. 

New Claims 46-48 

Applicant has added Claims 46-48, which Applicant submits are allowable over the art of 
record for at least the reasons discussed above. 

Conclusion 

Applicant has endeavored to address all of the Examiner's concerns as expressed in the 
Office Action. In light of the above remarks, Applicant respectfiilly submits that the claims are 
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in condition for allowance and requests reconsideration and withdrawal of the pending 
rejections. 

Applicant respectfully notes that the discussion herein should not be construed to 
constitute an exhaustive enumeration of the distinctions between the claims of the present 
application and the references cited by the Examiner, histead, such distinctions are presented 
solely by way of example. Consistent with the foregoing, the discussion herein is not intended, 
and should not be construed, to prejudice or foreclose future consideration, by the Applicant, of 
additional or alternative distinctions between the claims of the present application and the 
references cited by the Examiner. 

Applicant notes further that the arguments and/or amendments presented herein have been 
made merely to clarify the claimed invention from elements purported by the Examiner to be 
disclosed by the cited prior art references. Such arguments and/or amendments should not, 
however, be construed as an acquiescence on the part of the Applicant as to the purported teachings 
or prior art status of any of the cited references, nor as to any characterization of the cited references 
advanced by the Examiner. Accordingly, Applicant reserves the right to challenge the purported 
teaching and prior art status of any and all of the cited references at any appropriate time. 
In the event that the Examiner finds remaining impediment to a prompt allowance of this 
application that may be clarified through a telephone interview, the Examiner is requested to 
contact the undersigned attorney. 
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Dated this 30^^ day of August 2004. 


Respectfully submitted, 



Carl T. Reed 
Attorney for Applicant 
Registration No. 45,454 
Customer No.: 022913 
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